Authentication operations

This topic provides input and output elements, and sample XML requests and responses for the operations in the Authentication folder.

- CyberArk Logon
- CyberArk Logoff

Note

When you use a context item as an input for an adapter request, you must enclose the adapter request in the <request-data> elements. However, when you create a static request, <request-data> is not required and the adapter request starts with the <cyberark-adapter-request> element.

CyberArk Logon

This operation authenticates the user credentials to obtain the authorization token, which is used to perform CyberArk administrative operations.

The following table describes the input XML elements for the adapter request.

Input element	Description	Required
<operation-name>	Specifies the operation name to invoke the Web SDK logon API. Valid value: cyberark-websdk-logon	Yes
<user-name>	Specifies the CyberArk Web SDK user name.	Yes
<password>	Specifies the password that matches the user name.	Yes

The following figure shows a sample XML request for the operation.

<cyberark-adapter-request>
   <operation-name>cyberark-websdk-logon</operation-name>
   <user-name>Administrator</user-name>
   <password>secret</password>
</cyberark-adapter-request>

The following figure shows the adapter response for the request.

<cyberark-adapter-response>
<metadata>
   <status>success</status>
</metadata>
<status-line>
   <code>200</code>
   <reason>OK</reason>
</status-line>
<header-lines>
   <Cache-Control>no-cache, no-store, must-revalidate</Cache-Control>
   <Pragma>no-cache</Pragma>
   <Content-Type>application/json; charset=utf-8</Content-Type>
   <Expires>-1</Expires>
   <Server>Microsoft-IIS/8.5</Server>
   <api-supported-versions>10.8</api-supported-versions>
   <Set-Cookie>CA33333=; path=/PasswordVault/; HttpOnly</Set-Cookie>
   <Set-Cookie>mobileState=Desktop; path=/PasswordVault/; HttpOnly</Set-Cookie>
   <Set-Cookie>CA11111=00000002621CF9DCF09B30BDBB07D3AC7265F5ED38EA5ADA3690EC99426417CD1852E04200000000; path=/PasswordVault/; HttpOnly</Set-Cookie>
   <Set-Cookie>CA22222=B48DE18CA357042D; path=/PasswordVault/; HttpOnly</Set-Cookie>
   <Set-Cookie>CA55555=cyberark; path=/PasswordVault/; HttpOnly</Set-Cookie>
   <X-UA-Compatible>IE=EmulateIE8</X-UA-Compatible>
   <X-XSS-Protection>1; mode=block</X-XSS-Protection>
   <X-Content-Type-Options>nosniff</X-Content-Type-Options>
   <X-FRAME-Options>SAMEORIGIN</X-FRAME-Options>
   <Access-Control-Expose-Headers>Warning</Access-Control-Expose-Headers>
   <Date>Mon, 16 Sep 2019 11:00:33 GMT</Date>
   <Content-Length>182</Content-Length>
</header-lines>
<message-body>"ZTUyNWRhYmEtNTY5ZS00YzkzLWIyYWEtMDUwMjcwM2Q3MzNmO0I0OERFMThDQTM1NzA0MkQ7MDAwMDAwMDI2MjFDRjlEQ0YwOUIzMEJEQkIwN0QzQMDAwMDA7"</message-body>
</cyberark-adapter-response>

The following table describes the output XML elements for the operation.

Output element	Description
<cyberark-adapter-response>	Contains the adapter response.
<status-line>	Contains the HTTP response code and the reason. Example <status-line> <code>200</code> <reason>OK</reason> </status-line>
<message-body>	Contains the response, in JSON. If the request is successful, (code is 200, reason is OK) the password is returned in the "Content" element in the message body.

CyberArk Logoff

This operation invalidates the authorization token.

The following table describes the input XML elements for the adapter request.

Input element	Description	Required
<operation-name>	Specifies the operation name to invoke the Web SDK logff API. Valid value: cyberark-websdk-logon	Yes
<authorization-token>	Specifies the authorization token obtained during the logon operation.	Yes

The following figure shows a sample XML request for the operation.

<cyberark-adapter-request>
<operation-name>cyberark-websdk-logoff</operation-name>
<authorization-token>NjU4YzA5ODYtYmZhMi00NzNmLTkwNzktODRjZThhZTRjZDBMzRERTREOUQ2MTUyN0E4NDY2NTNFRkQ1NzE4MUM0MEM5OTQzMUI4NUZENThCRDI4QkRCNkFDMDAwMDAwMDA7</authorization-token>
</cyberark-adapter-request>

The following figure shows the adapter response for the request.

<cyberark-adapter-response>
     <metadata>
       <status>success</status>
     </metadata>
     <status-line>
       <code>200</code>
       <reason>OK</reason>
     </status-line>
     <header-lines>
       <Cache-Control>no-cache, no-store, must-revalidate</Cache-Control>
       <Pragma>no-cache</Pragma>
       <Content-Type>application/json; charset=utf-8</Content-Type>
       <Expires>-1</Expires>
       <Server>Microsoft-IIS/8.5</Server>
       <Set-Cookie>CA22222=; path=/PasswordVault/; HttpOnly</Set-Cookie>
       <Set-Cookie>CA11111=; path=/PasswordVault/; HttpOnly</Set-Cookie>
       <Set-Cookie>CA55555=; path=/PasswordVault/</Set-Cookie>
       <Set-Cookie>CA33333=; path=/PasswordVault/; HttpOnly</Set-Cookie>
       <Set-Cookie>mobileState=Desktop; path=/PasswordVault/; HttpOnly</Set-Cookie>
       <api-supported-versions>10.8</api-supported-versions>
       <X-UA-Compatible>IE=EmulateIE8</X-UA-Compatible>
       <X-XSS-Protection>1; mode=block</X-XSS-Protection>
       <X-Content-Type-Options>nosniff</X-Content-Type-Options>
       <X-FRAME-Options>SAMEORIGIN</X-FRAME-Options>
       <Access-Control-Expose-Headers>Warning</Access-Control-Expose-Headers>
       <Date>Mon, 14 Oct 2019 07:06:35 GMT</Date>
       <Content-Length>16</Content-Length>
     </header-lines>
     <message-body>{"LogoffUrl":""}</message-body>
   </cyberark-adapter-response>

The following table describes the output XML elements for the operation.

Output element	Description
<cyberark-adapter-response>	Contains the adapter response.
<status-line>	Contains the HTTP response code and the reason. Example <status-line> <code>200</code> <reason>OK</reason> </status-line>
<message-body>	Contains the response, in JSON. If the request is successful, (code is 200, reason is OK) the password is returned in the "Content" element in the message body.

Authentication operations

CyberArk Logon

CyberArk Logoff

TrueSight Orchestration Content 23.1

On this page